Peter's blog

Jul 8, 2017

This devices are detected on Linux and work out of the box, but are slow and get very hot. Maximum performance is just a little bit more than 500 Mbps which is very poor. My guess is that the poor performance is caused by the PCI and not PCIe chipset: VIA Velocity VT6122

Jan 24, 2017

My principle of 2017

For me 2017 is going to be the first year of the dog food. Eating your own dog food, or simply dogfooding, is reference to a scenario in which one uses its own creation to test and promote it. Until 2016 I was way too focused of being user of state-of-the-art, and I missed many interesting adventures. Let me go and catch up with how things really works.

Why start with my router?

I love OpenWRT, I really do. But you know what I miss there? systemd...

My job transformed my negative feelings about systemd into some love. I would do anything to be far away from systemd an year ago, but now I like it. systemd had the chance to start again, and leaving 40 years of bash hacks in the past is... awesome!

For a long time I was using a $ 20 router. This was the device in which I learned how to use and love OpenWRT. The only limitation of this cheap router is the 100 Mbps Ethernet ports which is a problem for the 200 Mbps I get from my ISP. The natural choice for an upgrade would be one of Linksys' WRT routers and I went for the top of the line, the Linksys WRT3200ACM.

Figure 1: Linksys WRT3200ACM with it's awesome two wifi radios

Wifi speed is pretty good, and I could finally use my ISP full speed, but... The stock interface is ok, but it doesn't support VPN for having isolated networks. It is easy to update to a new firmware, however at the time I had my router the wifi drivers and firmware were not available for OpenWRT(I didn't quite like dd-wrt). So I was stuck with an awesome WRT-friendly hardware that was not supported yet. Argh! Sent it back to the store and got my money back.

Well, what you do when you can't solve a problem with embedded? You go for x86, right? I went for a ZOTAC ZBOX CI323 NANO(+ 8GB of RAM and SSD) which is one of the cheapest barebones I could find.

Figure 2: ZOTAC ZBOX CI323 NANO with 2 Ethernet and wifi

The case isn't as attractive as the previous one, but guess what? It has all I needed, even more. It has good built quality, and four x86 cores. I added 8GB of RAM, and more SSD space I could probably use. From the networking perspective it has two gigabit ports and wifi. What is the natural choice when you are moving from OpenWRT? Fedora of course! So I installed latest Fedora 25 Server.

The network

I can't say my home network is simple, but it is definitively not big. All home specific stuff like phones, tv, printer, and wife's computer are on wifi, while the stuff related to my work is on the wired network. The wired network doesn't have loads of devices, as I only have only two 5-port Netgear Prosafe GS105E-200PES switches. Besides that my router has one port directly connected to the cable modem, and I have two cross-over connections between two test servers(10Gbps for pretty cool stuff, but this is another story). Total of 11 Ethernet cables. Here's how it looks like:

Figure 3: Peter's home network

I use the rectangles on the right to represent the internal logic of the router that has two ethernet interfaces enp2s0 and enp3s0 and wireless wlp4s0. I made the drawing in a way that the router is between the Internet (enp2s0) and my private network(enp3s0 and wlp4s0). Then I add some interesting words on top of the interfaces like macvlan, vlan, and bridge. I'll explain in details these in Part-2.

The left side show how I connect the ethernet cables. The red and green solid lines represent my VLANs. The red dotted line show access permissions between networks. The blue dotted lines show how I use my two external IP addresses.

Why 2 VLANs Peter?

Basically for isolation. I want to be able to have multiple dhcp servers if I need to, and I want the freedom to do interesting things on my work network without interfering with the home network. I measure the success of my setup by the number of times wife comes with "You are messing with the Internet again, aren't you?". At the time of writing, I'm clean for more than 30 days. But on first week of my router adventures I was getting in average 3 complaints per day.

I also don't like guests having access to my embedded devices. So no access to my VLANs from wifi.

Yeah, right but why 2? I use one for my workstation and for the embedded devices, and recently I added a second one for a test lab.

Part 2, how to turn Fedora into a router?

On Part 2 I'll describe in details how to configure Fedora as a router. There a thousand details, but it is fun. Some keywords for Part 2: hostapd, 4addr, bridge, vlan, macvlan, firewall-cmd, systemd-networkd, routing tables, masquerade

Sep 11, 2016

For exchanging my Brazilian driving license for the Swiss one I needed to do a street test. The entire process is straightforward and efficient(The driving license arrived 48 hours after I passed the exam). There are many pointers of how the process works, so I'm not covering that in details. I think the only relevant detail is the canton: Zug.

I have 15 years and 500.000+ km of driving experience, and I consider myself a very, very good driver. My "auto"-esteem is not related to agressive driving skills, but my focus on safety, understanding of the car, environmental awareness, and traffic flow. Just as an silly example, when I get a new car, I adjust the mirrors and do some experimenting to "see" in practice where the blind spots are on that car before I feel comfortable with the mirrors. I'm also on a lazy path to become an airline pilot, so I'm the guy really interested in the rules and what motivated them.

I got my Swiss driving license on the first attempt and I passed with a rigorous examiner. I didn't consider that a great deal due my "auto"-esteem, but many Swiss friends congratulated me, and some told me cases of people failing repeatedly. Failing the test is expected.

My examiner's choice was a path that crossed _all_ kinds of roads, that went from 120km/h multi-lane highway to a 1,5 lane wide two-way road between pretty small villages. In 30 minutes of driving, the speed limit changed at least 20 times, which requires loads of attention, but is not exactly complex. I did ok on that.

My main problem was the lack of familiarity with the car. I spent like 3 hours driving it, including the time spent on the exam. That considerably reduced the speed in which I would feel comfortable driving. And that was a problem for the examiner. Here in Switzerland, if the speed limit is 50km/h, and there are no impediments like traffic or children playing around, you should drive at that speed. So he was not happy with me driving under the speed limit, but that was acceptable as I was telling him about the current speed limit and from where I took the speed limit information from.

But the real issue, the issue that almost costed me my license was environmental awareness, and this is what I really want to share. The fact that I'm aware of the environment, that I know where the blind spots are, don't mean a lot for the examiner. His main interest was in my ability to achieve environmental awareness in the Swiss way, which basically involves using less the mirrors, and more the neck. In at least two moments, he felt so uncomfortable with me turning right without turning neck, that he looked to check there was really nothing there.

So if you are exchanging your driver license to the Swiss one, I recommend you getting lessons from a professional instructor, and to get enough lessons. I did only 3 lessons, and that was not enough from the perspective of my examiner. I guess that getting 5-15 lessons may put you in a more comfortable position on the exam.

But the main advise I can give you is to not focus only on signs and traffic rules. You may be expected to behave in certain ways, even when there are multiple perfectly fine ways of achieving same goals. Learn and practices signs, traffic rules, but don't forget that the examiner will be looking for a Swiss driver when examining you, so go practice how to be that Swiss driver. One tip is to get a ride on the passenger seat with your instructor to get a feel of how she drives in places where you struggle. Do that after taking a few lessons.

And for more that I consider "my" way to be safe simply because it allows me to achieve environmental awareness without depending on slow neck movements, I really like the traffic here, so let me use more the neck and less the mirrors.

Nov 3, 2015

I was a bluehost.com customer from November 2008 to November 2015. When I joined, they offered great service for the price, but the price is not interesting for at least two years now. Besides some minor technical issues, the company lost a lot when it was sold, maybe more than once. In 2008 there was a good feeling that they cared about me, and that they were always innovating. This has gone for a long time.

I've been avoiding to move to another provider because I was expecting a lot of pain. I don't have anything complex: 7 domains, and about 400 MB of static content. How to choose my next registrar and hosting provider?

Gandi SAS is a sponsor of the Kernel Recipes, a Linux kernel conference that happens every year in Paris. But, besides sponsoring the event, they go to the conference, which offers me the chance to meet people who works for Gandi, and I met them many times there.

About prices, bluehost.com was asking me € 157.54 ($ 172.66) to renew my hosting plan for one year. Gandi charged me € 57,60 for an equivalent plan. Saving € 100 is a nice way of starting the week. However I wasn't expecting to have to pay a to transfer the registrar of my domains to Gandi. The transfer added € 84.84 to the bill, with an average price of € 12.12 / domain. The good news is that the transfer adds one year to the period the domain is already registered which makes it a good deal as I would neet to pay bluehost.com € 13.68 ($ 14.99) per domain per year. So financially I saved € 15.16 immediately and an extra € 95.76 on the first year as my domains are renewed for one extra year.

Also Gandi registrar can handle all kind of top level domains(More than 500 now) while bluehost.com could not even register a .org when I needed one in 2012.

Comparing the interfaces, bluehost.com offers an icon based interface with one button for each action, while Gandi has a more efficient interface that allows you to do the same tasks in less steps.

It took me around 4 hours to have everything up and running at Gandi. Registrar and hosting problem solved until at least 2022.

Jun 8, 2014

I'm learning how my body works in terms of fat and muscle levels. My main tool is a body composition monitor from Omron. I just bought a version that is made for the Japanese market, with no manual available in English. I'm making one, and I'll be glad if you help me. You can fill issues on Github or send me pull requests.

Oct 20, 2013

I made a fork of a clone detection tool named CCFinderX. Two days ago I got a message from an user telling that the compilation was not working on Arch Linux. As some Kernel developers, such as Greg KH, has mentioned Arch Linux as being nice, I decided to try it.

I prefer chroots over virtual machines due higher performance, and due the fact that I do not need insulation between my chroots. As for Debian, Fedora provides all tools needed to create chroots for Arch Linux. This is "very" nice, as one can setup the Arch Linux chroot in just a few minutes.

The steps will cover installing Arch Linux tools on Fedora, creating the Arch Linux chroot, and configuring it with a new user and ssh server.

Note that the text refers to "[fedora] $" and "[arch] $", but this strings will not show up. If you want it is possible to configure bash prompt for showing different strings. Here is guide on how to do it.

Prepare chroot directory (Hint: Save this to a script, or check my start/stop chroot scripts). Note that lines with -o bind mount the host directory inside the chroot. So if you delete something there, it will affect the host:

Aug 17, 2013

Toshiba R830-10P is a nice notebook as it lightweight, and very powerful, but the Graphics are poor. The integrated LCD has miserable resolution of 1366 x 768, and as it uses Intel HD Graphics 3000 it do not officially support high resolution displays such as 2560 x 1440.

I made a script to help people with similar problem. If you have a monitor that is not officially supported by your video card, you can try this approach. You need to tune the Hz parameter to find one value that is supported by the hardware, that is comfortable and stable. For comfort the higher the Hz the best.

Please note that there is no warranty that this script works for you, and there is no warranty that this script is safe for your hardware. I'm quite sure that playing with Modelines can burn some old CRT monitors. I've never heard that you can burn LCD / LED monitors, but I'm not sure.

I was not able to use more than 40 Hz as refresh rate when they say 55 Hz worked with Intel HD Graphics 3000. I can set modes up to 44 Hz but then the image is not stable and goes black for one second some times.

There are at least two tools with source code available under permissive free software licenses. Deckard and CCFinderX. CCFinderX is an evolution of CCFinder, made by the same author.

Deckard is easy to build and test, however CCFinder was not. For Linux users, I made a fork from gpoo/ccfinderx, and made some changes to simplify the build on Linux. The main change is to separate the core from the GUI. I have now two repositories:

Both are clones from gpoo/ccfinderx, but I've spited things. At the moment the GUI do not work but you can build CCFinderX-core without wired OpenJDK dependencies. And it works producing textual output. My goal with this repositories is provide source code that can be compiled, packed, and distributed.

Mar 27, 2013

I use Fedora on the Desktop but I need to do some development on Debian. chroots gives you no performance overhead, while virtual machines gives you CPU and memory insulation. Also the chroot is only a directory on my development tree.

I'm using Fedora 17 on my workstation and Debian 7 inside the chroot. The debootstrap command will save the files on the directory debian7-chroot/ under the current directory.

Jan 17, 2013

The datasheet of Toshiba R830-10P mentions that the maximum memory capacity is 8GB. See it here.

But Intel says that the i7-2620M supports up to 16GB of RAM. See it here.

I have asked for help on Toshiba Forums. Nothing useful from there. See it here.

I was curious as I have a very particular need for 16GB of RAM. Today I decided to give it a try. I bought two Patriot PSD38G13332S (8GB PC3 - 10600 1333MHz CL9 SoDimm) and installed it on the notebook. It just worked.

Bios screen showing 16384 MB of RAM.

Memtest86+ and some info about performance.

So if you have the need for 16GB of RAM and a similar notebook from Toshiba, you can install 16GB of RAM.

Dec 9, 2012

Coccinellery is a gallery of semantic patches made to inspire users of Coccinelle. Currently the semantic patches comes from patches we have submitted to the Linux Kernel. We are working on improving Coccinellery and your suggestions and contributions are welcome.

"Coccinelle is a program matching and transformation engine which provides the language SmPL (Semantic Patch Language) for specifying desired matches and transformations in C code. Coccinelle was initially targeted towards performing collateral evolutions in Linux. Such evolutions comprise the changes that are needed in client code in response to evolutions in library APIs, and may include modifications such as renaming a function, adding a function argument whose value is somehow context-dependent, and reorganizing a data structure. Beyond collateral evolutions, Coccinelle is successfully used (by us and others) for finding and fixing bugs in systems code."

But this is only the central history of the book. The author has a very funny way of writing, and shares details about many people involved, like bird strikes specialists, air traffic controllers, Airbus engineers and test pilots. There is a very interesting analysis about impact of Airbus fly by wire system and how turbulent, and boring, can be the career of commercial pilots.

If you are considering becoming a pilot, read this book first. It can direct you to the right kind of pilot, or convince you that there are better ways of living.

One of the boot steps that consumes about 3 seconds is the decompression and running of initrd. If you do not use LVM, software RAID or partition encryption you may not need initrd.

But Grub2 is configured to always use initrd for booting. If you modify by hand the file /etc/grub2.cfg, it will last until your next Kernel update. To avoid this, I made a grub configuration file that will generate entries without initrd even for new Kernels. Check it out at:

Mar 18, 2012

The Grip flavor of Emdebian project allows to create thinner Debian root file systems. I've created one that includes apt, vim-tiny, net-tools, iputils-ping, and isc-dhcp-client. Later I've added grub and Kernel 2.6.32-5-686. The total size of this Emdebian is about 66MB, which is 3.5 times smaller than the usual 230 MB required for regular Debian root file system.

Want to test it? I've created a 128MB bootable image file for x86 architecture. You will need at least 48MB of RAM to this image work. You can download it here. For testing use USB pen drive and a personal computer that allows booting from USB. The procedure:
1 - After downloading, uncompress using gzip:
# gzip -d peters-emdebian.img.gz

2 - Copy the image do destination pen drive using dd. Be careful to use correct destination as dd will overwrite it. Replace "X" with the correct drive letter. All data on destination storage will be lost.
# dd if=peters-emdebian.img of=/dev/sdX bs=8k

You can use $ df -h and $ cat /proc/meminfo to check the resource consumption of this Emdebian install.

Generating the Emdebian root filesystem from a Debian Squeeze box is easy. Making a bootable image require a little bit more work but also works fine. To generate the rootfs, download this file and:
# multistrap -d grip-squeeze -f grip-squeeze.conf

The Emdebian root filesystem will be saved at the folder grip-squeeze.

Mar 7, 2012

Virtualization is being sold as a solution for data center hardware idleness. Increasing the hardware usage level from less than 20% to more than 70% is possible with virtualization solutions. This may represent advantages like more available computing power and less servers consuming electricity, space and services. But at what cost? What is the price of virtualization solutions in terms of computing power and I/O consumption? What is the overhead of the virtualization layer?

Feb 4, 2012

Github is simple to use and powerful git repository with great web interface. If your project is open source, there is no problem if your repository is also open, right? What could be better to open source projects than having free hosting on feature rich and reliable service?

But if you are not the good guy and want to have your git repositories private, looks fair to charge you little money to keep your code safe.

This looks to be the basic business model do Github and the prices are attractive.

For those have never being in touch with versioning and code repositories, Github is also good place to start. The step-by-step documentation will guide you over the process of using git. It is really easy to start.

Github also encourages you to make friends and to grow your social network around the code you share. I would like to be your friend on GitHub, so you are invited to see my profile: https://github.com/petersenna

If you are looking for a job, Github can also help you. You can make your "Job Profile" and select: "Available for hire". The link to your code looks to be that your "open" code repositories are your portfolio.

The most tricky to understand is changing Y_SIZE from 30 to 32. This will activate one feature of most C compilers that converts multiples by a power of 2 (2, 4, 8, ...) into shifts. This will result in performance gains when the computer is doing pointer arithmetic to access the correspondent memory address of matrix[x][y]. The compiler will change one multiplication operation into one shift operation which is cheaper.

Looks like that there is nothing more to optimize. You can always write some assembly but it may not be good idea. The library function memset() can be used to fill a matrix. "Frequent used library subroutines like memset are often coded into assembly language and may make use of special processor-dependent tricks to do the job faster than could be done in C".

The improvements looks good, but how much efficient each optimizations are? I've measured it in clock cycles. And found that the optimization level is processor dependent.

For clock cycles, lower is better.

Results for: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz

clock cycles

times faster

matrix1()

11102.151556

1

matrix2()

6400.36597

1.7346119906

matrix3()

6379.460394

1.740296337

matrix4()

5952.497506

1.8651249404

matrix5()

2154.262528

5.153574094

matrix6()

1907.350431

5.8207193474

matrix7()

792.123493

14.0156827239

matrix8()

780.254779

14.2288799182

Results for: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz

clock cycles

times faster

matrix1()

17175.114362

1

matrix2()

8153.467501

2.1064797719

matrix3()

8063.182452

2.1300664427

matrix4()

8497.82453

2.0211189701

matrix5()

4300.083046

3.9941355035

matrix6()

4321.695819

3.9741608575

matrix7()

1569.097383

10.945856228

matrix8()

1560.792718

11.0040969335

Results for: AMD Athlon(tm) 7750 Dual-Core Processor @ 2.7GHz

clock cycles

times faster

matrix1()

25319.969906

1

matrix2()

10329.498185

2.4512294259

matrix3()

8558.934585

2.9583086136

matrix4()

9480.851235

2.6706430972

matrix5()

5544.608885

4.5665926003

matrix6()

5577.454075

4.5397002943

matrix7()

643.046753

39.3750062307

matrix8()

631.545791

40.0920570873

So, it is real! For Intel you can get 2 times faster performance by doing simple changes and not using pointer arithmetic. If you do take control of pointer arithmetic and trash some variables, the performance gain can go up to almost 6 times faster. The performance gain can reach 14 times faster by using ultra specialized subroutines. It is much better then I was expecting.

For AMD the use of the specialized functions can result in speedup of more than 40 times.

The clock cycle count is not an integer because the values shown are average mean of 256 measurements.

This command probes the local computer for optimization flags. To use it:

$ CFLAGS="[blue string from above]" ./configure

You may consider adding the "-O3" flag. The -O3 flag enables levels 1, 2 and 3 of compile time optimization. There are more information about -O3 on gcc man page. For doing it, instead of previous line, use:

Dec 2, 2011

Option 1: Lego Mindstorms NXT Software version 2.0
The first and the official programming option for the NXT is Lego Mindstorms NXT software version 2.0 that is based on Labview from National Instruments. It is delivered with 8547 LEGO® MINDSTORMS® NXT 2.0.

Mindstorms software is a graphical programming environment. The programming is made connecting bricks and data lines. It is "a great tool" for learning and teaching programming, and it is also fun. It is possible to do non trivial tasks like multi-threading and functions. But for non-small programs it is not practical.

Mindstorms software is used to make programs, to send the compiled programs to the NXT, to remote control the NXT, and to update NXT firmware. Both USB and Bluetooth are supported. I've tested it under Windows but it is also supported under Mac. It does not work under Linux.

See my enhanced color sorter program:

The main program. Note the two threads. The bottom is for the dispenser and color sensor, while the top controls the tray.

Function: tray_next

Function: tray_previous

This robot is running the code shown above.

You can download my program here. You will need Mindstorms software to open the files.

Mindstorms software is the perfect development environment for starting playing with Lego. It is as intuitive as connecting lego bricks and it is also beautiful. But is not practical for non small programs. I would not recommend to implement large software using it. But I would recommend this visual language to introduction to robotics and to programming languages.

Option 2: RobotC
LabView was successful on allowing me implementing the enhanced color sorter algorithm. But it becomes clear that LabView is not practical for complex and large programs.

I found Robotc and tried it. There is a 30 days trial version that I used for two weeks.

The first step is to upgrade the NXT firmware so it can support Robotc binaries. Do not worry about firmware upgrades. It is easy and safe on the NXT. You can always upgrade the firmware to the Lego Offical Firmware using the LabView.

RobotC offers complete development environment with functions similar to the LabView. But instead of connecting bricks and data lines you write C programs.

I found some limitations when I was using more than one thread simultaneously. I'm quite sure that those limitations are not insurmountable, but I did not like RobotC. For the basics there are good documentation and tutorials but I did not find free detailed information.

"Not eXactly C (NXC) is a high level language, similar to C, built on top of the NBC compiler. It can also be used to program the NXT brick. NXC is basically NQC for the NXT. To compile NXC programs just use the NBC compiler with source code files that have a .nxc file extension. A reference guide for NXC is available. You can also access online API help for NXC or download a compiled HTML help file. To take advantage of multi-dimensional array support and native shift operations be sure to download the enhanced NBC/NXC firmware and install it on your NXT."

I liked NXC. "To me", it feels more like C gcc than RobotC and it works on Linux. If you are Windows user, you should try Bricx Command Center that uses NXC/NQC, but if you are Linux user, NXC is great option. I'm using two tools that are official Fedora 15 packages: NQC and NXTRC. NQC is the compiler for the NXC while NXTRC is a tool for remote controlling the NXT and to send files to the Brick using bluetooth. I'm using the following packages:

Then, to send it to the NXT using bluetooth:
$ nxtrc -a 00:16:53:13:9A:70 -W dispenser4.rxe

The documentation for NXT is complete and freely available. Also, working on Linux is also very good to me. The binaries made by NXT works on Offical Lego Firmware but you can update to a firmware that is announced to offer better performance. I did not tried the high performance firmware yet.

The source code of the color sorter can be downloaded from: dispenser4.nxc

Conclusion:
I would start with LabView for initial fun and learning about sensors and motors, then switch to NXC for the complex tasks.
RobotC may have better processing performance and also richer debugging than Bricx Command Center. But for now, processing performance and richer debugging interface are not features that I'm looking for. If you need processing speed and/or rich debugging interface, give RobotC a try.

Dec 1, 2011

The bad news: My NXT brick was not working properly when I took it from the box. The sensor port 2 was not working. I do not think that there is warranty coverage for Lego Mindstorms in Brazil. I had no better option than try to fix it.

The good news: Lego delivers all information about the NXT electronics and its embedded software. It is a true open source platform.

And I've noticed a missing component near the port 2. R59 was not there. For lucky it is a common 1k resistor. Thanks to my father's SMD lab, we were able to solder a new resistor, and push hot air over port 2 components. After that port 2 started to work.

I'm deeply happy with Lego's open source policy for this product. I was wondering how happy I'll be when my car becomes open source. Lego gave us the power to fix the problem without any limitation. It is clear to me now that open source is great for hardware too. Is there open source tendencies for industry?

R59 was not there when I've opened my NXT for the first time. The schematics is from Lego web site.

What kind of information is freely and officially available about the Lego NXT:

- NXT Brick hardware schematics

- Sensors schematics

- I2C Communication protocol used for sensors

- Bluetooth interface specification

- Hardware Developer Kit

- Executable File Specification

- Mobile Application Software

- Mobile Application Documentation

- Open Source Firmware

And...

Lego has supported the development of a remote control to the NXT that runs on Android. The source code is released under GPL3.

About my non-working brick, I'm quite sure that this kind of problem happens very few times. Lego Mindstorms NXT 2.0 is clearly a high quality product. I believe that I'm the only in many many many owners who had this kind of trouble. And I admit: It was fun to fix it! :-D

The symptom:
After rebooting the iSCSI target / server, it becomes impossible for the initiator / client use the exported volume as if it were deleted. The iSCSI target / server service itself is working properly but the exported volume is not.

The cause:
During the boot of the iSCSI target / server, its LVM liked the new found PVs / VGs / LVs. The iSCSI target / server has no idea about those new found are not for the local machine and it "locks" the VGs and LVs for local use. When iSCSI exports the LV, it will contain locked LVM volumes. This is why it becomes impossible to use it on the iSCSI initiator / client.

The solution:
It is very easy. Edit /etc/lvm/lvm.conf and use "filters" to tell LVM what is not for local use. My filter is configured as:

filter = [ "a/sda/", "r/.*/" ]

For testing, just type pvscan after editing the file to see if the filter worked as expected. If so, just reboot and it will work.

Please note that using sda on the filter is not the safest solution as it is not impossible that sda becomes sdb for example. It will be safer to use UUIDs of something else.